/rest/{version}/vulnerabilities/{vulnId}/setContested
Descriptor | Value |
---|---|
HTTP Method | POST |
Description | Update the specified vulnerability's Contested status |
Required Permission | Update Vulnerability Contested Status |
Version Introduced | 2.7.2 |
Changes in 2.7.9 | Added a parameter 'contested' to control if you set the Contested status to True or False. |
Changes in 2.8 | Added vulnerabilityIds parameter to allow for changing of multiple vulnerabilities at once. |
Request Header Parameters
Parameter | Value | Required | Description |
---|---|---|---|
Accept | String | Yes | A value of ‘application/json’ must be provided. |
Request POST Data Parameters
Parameter | Value | Required | Description |
---|---|---|---|
contested | Boolean | No | Provide 'true' to mark the vulnerability as Contested. Provide 'false' to mark the vulnerability as Not Contested. Defaults to 'true' if not provided. |
vulnerabilityIds | Integer | Yes* | *When used in ThreadFix 2.8 and above. Provide a vulnerability ID to change the status for that vulnerability. Adding multiple vulnerabilityIds parameters allows for changing of multiple vulnerabilities at once. |
Sample Calls:
Version 2.7.2 to 2.7.9
curl --insecure -H 'Accept: application/json' -H "Authorization: APIKEY {apiKey}" -X POST --data 'contested=true' http://localhost:8080/threadfix/rest/latest/vulnerabilities/{vulnerabilityId}/setContested
Version 2.8 and higher
curl --insecure -H 'content-type: application/x-www-form-urlencoded' -H 'accept: application/json' -H 'Authorization: APIKEY {API KEY}' -X POST --data 'contested=true&vulnerabilityIds=16&vulnerabilityIds=17' http://localhost:8080/threadfix/rest/latest/vulnerabilities/setContested
Sample Output:
{ "message": "The vulnerability has been successfully set as contested.", "success": true, "responseCode": -1, "object": 241 }